Response to Office Action of September 26, 2006 
U.S. Patent Application Serial No. 09/883,300 
Attorney Docket No. 53470.003028 



REMARKS 

The Office Action of September 26, 2006 has been reviewed, and in view of the following 
remarks, reconsideration and allowance of all of the claims pending in the application are 
respectfully requested. Claims 1-20 are currently pending. 
I. REJECTIONS UNDER 35 U.S.C. § 102 

Claims 1-20 currently stand rejected under 35 U.S.C. § 102(e) as being allegedly anticipated 
by U.S. Patent No. 6,453,353 to Win et al ("Win"). The Office Action alleges that each and every 
claimed limitation is shown by Win. Applicants respectfully disagree. 

Win purports to disclose a network using role-based navigation among protected 
information resources (col. 1, lines 11-15). More specifically, Win appears to discuss a method and 
apparatus for controlling access to protected information resources by enabling organizations to 
register information sources and user information in a central repository (col. 5, lines 12-14). Win 
purports to allow administrators to implement access rules by defining roles that users play when 
working for an organization or doing business with an enterprise, thus forming an additive data 
model (col. 5, lines 21-23, 57-58). 

On the other hand, embodiments of the claimed invention are directed to integrating security 
and user account data with remote repositories and validating the identity of the user through 
authentication. In addition, access control may be implemented to determine what the user may be 
allowed to see, do or access, once the user has been identified to the system. Access control may 
include privileges and permissions. Privileges may define the types of actions that particular users 
and groups may perform in the system. Permissions may define which users and groups have 
access to what objects and the degree to which the user may access those objects. See Specification 
at page 27, lines 16-20. 
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For example, when a server command is requested, the server may check certain access 
rights to determine if a particular command may be executed. In general, the server may check 
access rights on a Server Definition object, for example, that may be used to initialize the server at 
startup. This allows the user to have different capabilities on different servers within the same 
system. See Specification at page 29, lines 3-8. Furthermore, the present invention provides 
security and user account integration with remote authentication servers or remote repositories 
located within a server different that that of a server of the reporting system. See Specification at 
page 2, lines 13-14. 

According to an embodiment of the claimed invention, a method for integrating security and 
user account data comprises "enabling a user to submit user credential input to a reporting system;" 
"identifying an authentication process;" "forwarding the user credential input to a first server;" and 
"enabling the first server to apply the authentication process to authenticate the user against a 
remote repository for verifying the user credential input and to determine user access control data 
for identifying at least one user privilege for performing one or more actions and at least one user 
permission associated with one or more objects, wherein the remote repository is located within a 
second server, the second server being different from the first server." 

The disclosure of Win fails to show at least the limitation directed to "enabling the first 
server. . Jo determine user access control data for identifying at least one user privilege for 
performing one or more actions and at least one user permission associated with one or more 
ob jects , wherein the remote repository is located within a second server, the second server being 
different from the first server ", as expressly recited independent claim 1, and similarly recited in 
independent claims 8 and 15 (emphasis added). 
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Applicants respectfully submit that Win does not disclose each and every limitation, feature, 
or functionality of the claimed invention. Regarding independent claim 1, Applicants respectfully 
submit that Win makes no mention of a applying the authentication process to against "a remote 
repository" and "wherein the remote repository is located within a second server, the second server 
being different from the first server" (emphasis added). In fact, Win appears to merely disclose that 
resource and user information are organized in a "central repository." See Win at col. 5, lines 12- 
20. This is clearly distinguishable from a remote repository that is not owned by the server. 
Furthermore, even assuming that Win teaches a remote repository, Win clearly discloses that the 
repository is not "located within" the second server, as expressly recited in claim 1. Rather, the 
"Registry Server 108 is coupled to a Registry Repository 1 10" (emphasis added). See Win at col. 
6, lines 20-26. 

In addition, not only does Win fail to disclose or suggest a remote repository that is located 
within a second server, Applicants respectfully submit that Win also fails to disclose the step of 
determining user access control data for identifying at least one user privilege for performing one or 
more actions and at least one user permission associated with one or more objects. In fact, Win 
appears to merely disclose a role-specific access menu to a network user that is available to show 
only those resources that the user is authorized to access according to the user's profile information, 
including roles and privileges. This is clearly distinguishable from access control data for 
identifying at least one user privilege for performing one or more actions and at least one user 
permission associated with one or more objects. 

As a result, the disclosure of Win fails to disclose or show at least the limitation directed to 
"enabling the first server to apply the authentication process to authenticate the user against a 
remote repository for verifying the user credential input and to determine user access control data 
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for identifying at least one user privilege for performing one or more actions and at least one 
user permission associated with one or more objects, wherein the remote repository is located 
within a second server, the second server being different from the first server" These features are 
simply not disclosed or even contemplated by Win. For a proper rejection under 35 U.S.C. § 
102(e), each and every claim limitation must be shown in a single reference. The Office Action has 
failed to meet this requirement and thus the rejection is unsupported and should be withdrawn. 

Regarding independent claims 8 and 15, these claims recite subject matter related to claim 1. 
Thus, the arguments set forth above with respect to claim 1 are equally applicable to claims 8 and 
15. Accordingly, is it respectfully submitted that claims 8 and 15 are allowable over Win for the 
same reasons as set forth above with respect to claim 1. 

Dependent claims 2-7, 9-14 and 16-20 depend from either independent claims 1, 8 and 15, 
respectively. As such, each of these dependent claims contain each of the features recited in the 
independent claims. For the reasons stated above, Win fails to disclose the claimed invention and 
therefore the rejections should be withdrawn. 
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CONCLUSION 



It is respectfully submitted that this application and all pending claims are in condition for 
allowance and such disposition is earnestly solicited. If the Examiner believes that prosecution and 
allowance of the application will be expedited through an interview, whether personal or telephonic, 
the Examiner is invited to telephone the undersigned with any suggestions leading to the favorable 
disposition of the application. 

Applicants submit herewith a petition for a one-month extension of time and the required 
fee of $120. Please charge this fee to Deposit Account No. 50-0206, and please credit any excess 
fees to the same deposit account. 



Hunton & Williams LLP 
1900 K Street, NW 
Washington, D.C. 20006-1109 
(202) 955-1500 (phone) 
(202) 778-2201 (facsimile) 

Date: January 26. 2007 



Respectfully submitted, 




For: Brian M. Buroker 

Registration No. 39,125 
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